Posted
by
simoniker
on Wednesday December 10, 2003 @08:37PM
from the mmmm-drm dept.

scubacuda writes "PC Advisor and others report that the CRF (Content Reference Forum), a new, cross-industry standards organisation that boasts Universal Music Group, Microsoft, Nippon Telegraph and Telephone (NTT) and VeriSign among its members, has unveiled a new specification for a DRM technology.
A draft of CRF Baseline Profile 1.0 is available for public review and comment." According to a report on CNET News, the "the [CRF-created] file would set up a process that automatically delivers files in the right format and potentially triggers an automatic payment system that could be changed moment to moment by the content distributor."

Trusted Computing securely reports to the media company that you are running on a compliant Trusted Computing system - your "enviornment". The files will not WORK unless you have an approved "enviornment" that will enforce for example a $1 billing process before playign the file. The whole CRF system is a standard fo

The Content Reference Forum is hoping to create a kind of
intelligent file that can be distributed through file-sharing networks
like Kazaa, Web pages, e-mail or almost anywhere else online.

Instead of containing a song or movie itself, the file would set up a
process that automatically delivers files in the right format and potentially
triggers an automatic payment system that could be changed moment to moment
by the content distributor.

Anyone else get the impression that "intelligent file" is newspeak for
"dangerously executable"?

Wow, people are going to download executable code from kazaa and execute it.
It ain't hard to guess what the follow-up news stories are going to be like.
(Dammit, why haven't I bought stock in the anti-virus companies yet?!)

It's not clear to me that it is actually an executable. "the file would set up a process" sort of implies this, but it could just as easily be a file that contains instructions for getting the file. I don't think it has to be dangerous. It seems to me it could be just as benign as regular media files.

So how exactly would this prevent me from, say, using a packet sniffer to grab the content as it comes down the wire (or grabbing it at whatever stage it exists decrypted) and redistributing THAT on Kazaa?

No, it'd pretty much have to be an executable wrapper around the content that communicates with the sound card VIA some kind of "secure" hardware path.

Sure, ok, but what I read seems like it may give people a consistent way to pay for information EVERY TIME THEY USE IT!!

You know this is the holy grail for DRM, and also something I will absolutely not participate in. Look at the web access for cell phones with its pay to connect type of charges. These kind of payment schemes are just excuses for monopolies to fleece the customer.

Except we already have that. Heck, we have that in several dozen different ways. What this provides is the ability for corporations to charge you for content whenever they feel like it, without paying for distribution themselves. Oh, and change the purchase terms, and any number of other dirty tricks.

LOS ANGELES - A Los Angeles man was sentenced and jailed without trial for violating the File Acquisition Grant System (FAGS) when he downloaded a ten year old Kid Rock song without submitting the required payment of 2 Euros.

"My cat was sitting on my desk, and I guess his paw was on the Num Lock key or something, right when the transaction was happening. I didn't intend to violate the EULA at all," said the incarcerated netizen, whose belonging have been seized and sold on EBay.

Alcohol, Tobacco, Firearm, and Media (ATFM) agent Phucyo Fridomup successfully lobbied the automated court system (running a patched version of MS Justice 2007) to get another three consecutive life sentences added on after hearing the comment about the cat, since this may give other criminals information to use to bypass the payment system and is a further violation of DMCA.

The cat has since been ritually slaughtered and offered up as sacrifice pursuant to 2008 Patriot Act Adjunct Subsection 8.4.

Here's something I posted to LinuxToday.com a good long time ago. The post is http://linuxtoday.com/news_story.php3?ltsn=2001-05 -02-015-20-NW-CY-0020 and the story is http://wired.com/news/digiwood/0,1412,43485,00.htm l

March 15 -- Today an Ohio public school classroom was raided by Department Of Media Enforcement (DOME) agents, following a tip that a student was in possesion of two unauthorized screen captures. The captures were reportedly from the popular TV shows, Frivolity (Tuesdays MVE, 9:00PM - 1

"Punishments too light. Expect life jail sentences, extension of liability to family, friends, and unlimited fines, all to be determined by the copyright holders."

One thing that I found quite interesting when watching it again, in the movie Aliens, the whole thing is a corporate wonderland! 40-odd years ago you forgot to do your maintenance on that one motor-spinny-thing? We'll have to fine you $3,000! The whole military / corporate trial was really scary, and I don't know why I didn't pick up on it the fi

Blah. you mean more like 'automatic theft system'( once your machine is cracked ), or 'automatic consumer screw system', or 'automatic removal system' ( for those documents of 'restricted information' )...

If we ever get to that point, i for one wont be using a PC device of any kind...

"If we ever get to that point, i for one wont be using a PC device of any kind..."

well by that point in time I will be using macs and linux pc's, So either I will be immune, or just won't be upgradeing any more hardware. It will suck, but I will be free, to do as I live, as I desire.

Last time I checked, a file that tries to automatically charge you for opening it was a...

virus?

Ok, let me also say this. The whole thought process around the word automatically is really starting to scare the hell out me. We live in a society where folk have a hard time keeping track of written checks. How the hell do we expect them to keep track of all the automatic deductions being taken from them?

Oh wait, we don't. Just another way to enslave the masses I guess.

No thanks. I will stick files that might sound like crap, but I don't get charged for until I buy the cd (let the flames begin).

As far as I can imagine, "automatic payment" won't survive in a court. Unless you authorize payment, it's theft - setting up the account isn't authorization enough. The second they charge you, you can bring up a suit saying that you didn't download that song, your 7-year-old did, who isn't old enough to participate in the contract, etc.. I don't see how they expect to prove you payed if the transfer is completely automatic (no digital signiture, no entry of credit card info at time of purchase, no "Click Here to Order," etc.).

Imagine a virus that downloads tens of thousands of songs to your computer. Then imagine the automatic money transfer. Then imagine the lawsuit you'll have if they won't give back the money.

Automatic payment can be legal, even if it is variable. It is how iTunes, other music service, and various utilities work. You sign an agreement saying you will be responsible for all charges incurred, and the service bills periodically. With iTunes it is important to keep your computer secure, otherwise a child or other miscreant might run up bills. It is really no different from the kid leaving the lights and air on all day and night.

is it just me or does this "potentially triggers an automatic payment system that could be changed moment to moment by the content distributor" sound a bit dangerous and easily abusable by the 'content distributor'?

Is it just me, or does this require the participation of ALL digital content providers to work? For example, how will the downloaded file get a working file from iTunes if Apple doesn't want any part of it?

If I'm right, this seems dead before it starts, since the only real shot it has (IMHO) is being able to provide all songs, where some online sales places can't.

Under the new technology, people would share the "Content Reference" file instead, which would point them to authorized versions of the content that would automatically fit whatever device or computer software the recipient is using.

This doesn't really answer your question (maybe it does, but I'm very dense). I don't know how they will prevent you from copying the file when/while you retrieve it, though.

While the United States Constitution allows Congress to enact copyright laws, it doesn't require Congress to do so. Copyright could be repealed, and file sharing made legal tomorrow if you could just get the votes in Congress to do so.

If you think this couldn't happen, consider that more Americans use p2p filesharing applications than voted for George Bush.

Change the Law [goingware.com], from my article
Links to Tens of Thousands of Legal Music Downloads [goingware.com], discusses the background of copyright law in the United States, and suggests steps you can take to reform copyright law. Among the steps I discuss are to Speak Out, Vote, Write to Your Elected Representatives, Donate Money to Political Campaigns, Support Campaign Finance Reform, Join the Electronic Frontier Foundation and Practice Civil Disobedience

So we repeal copyright. What is left to 'promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries'?

I think copyright should be restricted. For example, a software copyright should last only less then 5 years, or software cannot be copyrighted if you do not show the code. Something that will allow copyright to recoup for expenses, but not be abused.

Copyright is restricted. The current life plus 70 years was a step in the wrong direction from the original life plus 50 years. But your suggestion, and I know it was meant only as example, of 5 years flat is too big a jump in the right direction.

You've got to remember that the entertainment industry is a very special case of copyright. It has a very large consumer base and a tight fisted distribution arm which has abused copyright laws for their own financial gain. But the war must be between the cons

Not everyone is going to gladly put time and money into a project, be it software or a music album, that will reap them next to no monetary reward. I've got bills and a mortgage, I need to put food on the table and wouldn't mind some creature comforts now and then (and I won't sneeze at a tropical holiday). Am I to survive on the warm fuzzy feeling of knowing that all my work is in the public domain for all to enjoy?

I'm sure there'll be the place for talented individuals, but what I really fear will go missing are the large collaborative efforts. For example, take any professional cinema production. Between actors, props, make-up, costumes, cameramen, audiomen, directors, producers, editers, special effects and all the other people I'm forgetting right now, only a very few become famous. The stars and the star directors might get "enough" in itself through fame, status and whatever comes along with that.

Neither did the brothers Grimm, yet Disney seems to "need" copyrights to ensure their continued contribution to society.

Also, it was probably much harder to publish something and distribute it widely, so wouldn't copyright be more important to artists of that time? I can write a short story, stick it in a blog, and have it around the world in hours. So much less expense and financial risk for me, yet so much more incentive. Someone tell me again why we're stuck with the crap Disney produces?

While you don't have the financial risk of pressing thousands of copies of a CD and hoping they sell, you do have the costs involved in creating the work in the first place. Usually the biggest cost is the creative one. Good artists don't just come up with endless streams of good ideas - they tend to have a few and they need to make their money off of those.

Think of Tolkein and LotR. Do you think he just scribbled that out in a few wee

If I were to write a book, I would not be able to make any money out of it without copyright protection, because as soon as I put it on sale, some big publishing house with a massive distribution network and the ability to print large quantities of books at low cost would wrap my book in a designer cover and sell it at a much lower price than I could afford.

I suggest repeal in my original post in a hypothetical way, in order to capture the reader's attention.

But my personal feeling is that copyright should be reformed, not repealed.

For example, while I feel that copyright should be allowed for software, I don't think it should be permitted for binary-only releases unless full source code is submitted to the copyright office, so that upon the expiration of the copyright, it can be released to the public domain.

But you at least do make a valid point that reforming the laws would still leave them there to perform the function of promoting progress. I do however see a problem with the person's lifetime being the limit.

Here in Australia the hottest local muscial artist is also suffering from a possibly fatal disease. Now we all hope she'll make it through and I think she will, but just say she didn't. Does all her work then go into the public domain? What if she were marr

If you repeal copyright, 30% of the economy vanishes the next morning.

OK, apply that logic in reverse. Let's pass a law that companies can own days of the year. On June 1, for example, AOL might have the right to control all commerce, charging what taxes or fees they see fit. If they charge too much, people will wait till June 2, when IBM's laws will govern. Think of the expansion of the economy! Employment for lawyers, enforcement agents, marketers advocating a particular day to go shopping. Thing h

While the United States Constitution allows Congress to enact copyright laws, it doesn't require Congress to do so. Copyright could be repealed, and file sharing made legal tomorrow if you could just get the votes in Congress to do so.

In theory perhaps, but there are some difficult international treaty obligations there...

"Currently, people who send files through file-trading networks, or via e-mail or instant messaging, are largely locked in to sending a specific file that may not be readable by people who lack the appropriate software or hardware."

That makes a lot of sense. This technology will allow me to share my copy of Deus Ex 2 with my friends who have Macs. Thanks for clearing that up.

Its really scary reading all this online. Large monopolies growing larger set to put the law back 200 hundred and more years.

A lot of people who don't read places like slashdot would be equally concerned if they knew what was going on. They need to be educated, its why democracy works, and why it fails when it doesn't occur.

A lot of people who don't read places like slashdot would be equally concerned if they knew what was going on. They need to be educated, its why democracy works, and why it fails when it doesn't occur.

Democracy works fine without education. The problem is mob-rule where the whims and impulses of social consciousness determine policies that are often short-sighted and dangerous.

This is one reason why we (U.S.A.) have a representative democracy (as opposed to direct democracy). A filtering layer of responsibility prevents horrible things from happening.

I actually think our democracy would work better if people were uneducated. Our education system now is broken, serving to indoctrinate political and cultural agendas far more than impart any useful knowledge.

At least if we acknolwedged this fact and focused our efforts on useful propoganda for our youth rather than bickering with school boards and burned out teachers and still having no consensus on morality, ethics, history, or even current events, then we might have a chance of generating good voters.

As it stands now, kids in school learn mostly how to fight and how to memorize trivia for short periods of time. If our country was a giant game show with a fighting round followed by a quiz round, then we'd be all set.

Large monopolies growing larger set to put the law back 200 hundred and more years.

Not at all. If copyright were as it was two centuries ago few, if any, Slashdotters would be complaining. The problem isn't that these groups want the law to revert to some earlier incarnation, they want to be allowed to continue mutating copyright into some hybrid form favorable only to themselves. Remember, the RIAA and sister organizations have been "adjusting" copyright law for a very long time: it was largely back-room stuff. They've just gotten a lot more overt about it recently and people are starting to notice.

But this comes back to enlightened Capitalism, or the lack of it. Absolute control does not guarantee an eternal revenue stream, in spite of content holders contrary beliefs. Put this way: even before peer-to-peer raised its (to them) ugly head, music sales were falling off. Well, at least the industry's growth rate was dropping. And that was the period where they had substantially more control of music distribution and production than they have now. Being able to restrict content distribution with an iron-clan DRM system can't force people to buy a product that they do not like and for which they have no use. The music companies and the RIAA figured that, if they could control all the music available for purchase or on the radio, they could sell us anything they want and we would buy it. That approach worked for a while, but eventually the public wised up and demanded more. And when Napster came along... well, the genie was let out of the bottle for good. True to form, the music companies refused to see the opportunity presented by this technology and focussed instead on maintaining the status-que-ante.

Whatever genre of entertainment floats your boat, the two things the buying public wants are a. variety and b. quality. Variety is probably the more important of the two. In any case, the entertainment industry (the music studios in particular) has been providing us with progressively fewer choices, along with a general degradation in quality. All the DRM in the world won't make me buy crap. Sometimes you just simply have to provide a quality product for a reasonable price... it's just good business.

The music industry's monomaniacal absorption with peer-to-peer file sharing is interesting. They seem to be operating under the delusion that eliminating or corrupting these primitive networks will assure them of their due. And even if it were actually possible to enforce a global ban on file sharing... well, there are other means. A fellow at work brought in a removable hard disk with ninety-odd gigabytes of MP3 files on it: needless to say he became quite popular.

The point is that there really isn't any way for the content people to recan this particular can of worms. People with get what they want, which is a large selection of reasonably priced (or, if necessary, free) music and if it means going back to SneakerNet that's exactly what will happen.

"potentially triggers an automatic payment system that could be changed moment to moment by the content distributor"
So basically, a file could cost 10 cents one minute, and 20 the next? What if you happened to download the file as it was being repriced, and you end up paying more than you expected?

Suddenly I am less happy.
#1. M$ is part and parcel of it.
#2. I don't like DRM
Glancing at a document on the site, it would appear that it is a lawyer tool.
Observe from their document:
The primary goal for developing CEL is
to meet requirements for building operational systems for content reference as given in [15], and
to provide an extensible architectural framework for specifying contracts in other potential applications (outside of those for content reference)
The primary function of a contract in

Oh gee I can't wait to see what kind of quality products these great protectors of individual rights come out with next. It sure is great to see such companies as Microsoft & Macrovision working together, but it sure does make you wonder where the RIAA and the Taliban were during these meetings? Their invitations must have gotten lost in the mail.

> It sure is great to see such companies as Microsoft & Macrovision working together, but it sure does make you wonder where the RIAA and the Taliban were during these meetings? Their invitations must have gotten lost in the mail.

One wasn't evil enough for an invite, and the BATF guy got hung up at airport security.

"the [CRF-created] file would set up a process that automatically delivers files in the right format and potentially triggers an automatic payment system that could be changed moment to moment by the content distributor."

Folks I hate to break it to ya but this type of stuff is the beginning of the end for privacy in the U.S. and abroad. Any lingering "wall" of privacy afforded to citizens trying to maintain personal discretion and private matters..well private is being torn down bit by bit. First it's the Patriot Act with it's slick naming scheme police state features and now it's the computer industry complying with it's handlers to figure out a way to make your data their data (remember that possession of 'property' is 9

Fun for the whole family, have little billy click it twice for twice the fun!

Seriously, I was eating in "Dennies" (rellay, my fault, I know) and the eight of us each had the all-you-can-eat breakfast bar. When the bill arrived we had been charged for ten. When we said, "hey, there are eight of us, but you charged us for ten" the servers response was, "oh, so do you want to go back and eat some more?"

If you don't understand what is so wrong with the server in this example, then "automatically" and "changed at any time" are happy fun words for you and yours.

Someone please save us all from the popular culture that would make people think anything like this CRF could be given a "popular and positive" spin...

I just want something that sucks my credit card number, PIN, SSN, mother's maiden name, and the biometrics for my colon if I so as much as hover on a hyperlink. That's what I want. I'm patenting it right now before any of you other bastards claim prior art.

I want to be charged for breathing, too, but I haven't figured that out yet.

"the [CRF-created] file would set up a process that automatically delivers files in the right format and potentially triggers an automatic payment system that could be changed moment to moment by the content distributor."

Oh yeah, that sounds like a great idea.

Remember, these are the people you keep reading about that leave their servers open and have lists of credit cards stolen from them. Regularly.

Just imagine DRM and auto billing mixed into that. This will be a nightmare of epic proportions. You heard it here first.

There is currently a lack of interoperability between digital content technologies that makes it challenging for consumers to easily get the content they want, in the format, platform and other preferences they choose.

"While the internet and its protcols e.g www/http, filesharing etc are well suited to almost eveyrone in the world, we the suits find it challenging to make more money from less work."

Additionally, there is currently no technology framework in place that allows all market participants to ensure that the business agreements they make are respected.

"We have come to the conclusion that the business model that has been in use since the dawn of mankind (you give me this i give you that) does not work. We want to sell you a book, but we dont trust you to burn it after 24 hours so you can return and buy another one."

Today, there does not exist a technical and business framework to achieve interoperability across multiple technology platforms and enable new business models. The Content Reference Forum plans to change that.

"We had an old business model working before, but unfortunately there has been a change in technology and instead of moving on we want it our way."

The Content Reference Forum (CRF) is a recently formed standards group of leading technology and content-related companies established to develop a universal way to distribute digital content across various media and geographies.

"We have decided to join forces with our other corporate friends and make what is known in the business world as 'A big fucking unstoppable snow-ball monopoly bull-doser'"

The organization's goal is to create a dynamic marketplace where participants can promote, sell and legitimately share content; consumers can get the right content for their location, platform and preferences; and the underlying commercial agreements and rights surrounding the content are respected.

"We realised that eventualy everyone would figure out our plans so we sugar coated a potentially useless idea with the solution to a totally random problem: people get pissed off when they have to select their country and media format from a drop-down list."

Consumers will also eventually benefit as it becomes easier for them to find and share the content they want in the way they want it.

"Consumers will eventually realise that if they do what we say we wont sue them. They will also be able to use our complicated, badly designed content search system and have the ability to select their country and media format from a drop-down list."

The technology is context sensitive. It's the antithesis to one-size-fits-all mass market distribution models. This makes it quite powerful and consumer friendly. The user's situation is relevant and respected including the rendering environment, location, existing relationship with content provider(s), and language preferences.

"We're going to write this little java app that lets you set the background colour of your online shop, and you can select your country from a drop-down list!"

Last night, I got a worried IM from a younger cousin of mine. His mom had "cleaned up" their computer, and he was having trouble sending some wmv/rm files to friends of his. Windows Media Player kept giving him and his friends errors along the line of "I'm sorry, but you don't have a license to play that file." Of course, I immediately knew what was going on, and explained to him that Windows was just trying to prevent him from making illegal copies of music. The problem is, the files he was trying to share were of his band, off of their own demo CD. At that point, I pointed him to xiph and enlightened him about ogg vorbis.

Actually, he might not have the right to distribute those files. He needs the songwriter's OK to distribute a recording of a song. And if he is the songwriter, he needs a professional musicologist's OK, or else what happened to George Harrison [columbia.edu] might happen to him.

I agree with all the previous posts saying how this is just another control mechanism. How in the hell can any human being accept a standard that automatically charges your bank account or credit card? I can see it now...you accidentally click on something and you end up buying it even thought you never agreed to or wanted said product.

So what is your response to this Mega-Corporation virtual theft? You call up their 1-800 number based in some 3rd world country and sit on hold for a day or so. When you finally get someone online they know nothing plus you can't understand a word they say.

God this sounds fucking great!I can't wait! Where do I sign up?

Seriously these mega-corps can institute this standard or whatever they want to call it and sell it to the masses but we DO have a say so. I hope it goes the way of the 1st incarnation of DivX from Circuit City and burns out oh so quickly.

We as consumers can reject this outright and not buy into it. Money talks and bullshit walks. Money is the only thing these companies understand and that's the genesis of the entire drm/dmca argument although they would like to convince us it's just the ability to innovate.

With groups wanting to tie a drm to hardware and now this I really think the day is coming where we will actually want to stick with yesterday's hardware (today's) and forgo the next gen with all of the mega-media money protections built in.

I will stick with the hardware that I can control and not let it control me.

Currently, people who send files through file-trading networks, or via e-mail or instant messaging, are largely locked in to sending a specific file that may not be readable by people who lack the appropriate software or hardware.

What kind of fantasy world are they living in. The problem is that almost everything is encoded in well known formats that can be handled by most machines. The powers that be wish that content on P2P networks were in proprietary protected formats, but except for a bit of wind

something about standards these days - they don't seem to ever live up to what they are really needed for. Take XSL for instance, a good start, but there are still some real problems. XML, hard to screw up. wep for example completely fails at any sort of security, we have to count on ipsec to provide secure connections. funny how though, there are no standards on authenticating a private tunnel based on a username and password. HELLO, radius is no longer acceptable. but as such for all the standards based g

Currently, people who send files through file-trading networks, or via e-mail or instant messaging, are largely locked in to sending a specific file that may not be readable by people who lack the appropriate software or hardware.

And they plan to correct that by providing files to download that are specifically designed not to be readable by people who lack the appropriate software or hardware

These people don't actually use the English language. Or at best its a version of English that has been taken out the back, given a good thrashing and been convinced to do what its told or there'll be more of the same.

Both the RIAA, Microsoft and Verisign have a dominant role in their respective markets. This forum is about providing a infrastructure for digital content.

There is inherently nothing wrong with that. That is, as long as they define infrastructure that will be universally applicable. So if it only runs on an Microsoft platform it has failed. If it only protects data by companies associated with the RIAA it has failed. If the only security it allows for is the security as provided by Verisign it has failed.

When content, of a type protected by the mechanisms to be worked out by this committee, become available, the content is the copyright of the issuer of the data and as such it is entitled to the protection offered by the infrastructure. This means that music is secured at the time of publication within the infrastructure. This allows for people to create their own content and do with it as they like and, if at all it is secured, it is secured within the same infrastructure as is the commercial content as published by the organisations associated with the RIAA.

* Linus Torvalds has said before that the inclusion of DRM is not a problem as far as he is concerned.* Music Midi and computers have a long history. It cannot be that the use of computers connencted with music or photo's or video will cease.* There is nothing inherently wrong with DRM but it has to be open and it must secure my data as much as the data from a commercial entity.* Given the pedegree of the people in this committee THEY have to prove their bona fides. Microsoft is a convicted monopolist and the RIAA wants the law to grant them the right to be a monopolist. They have one good thing going for them; Microsoft is one of the greatest marketing companies ever.

Let me get this straight, you will give me a better picture on my television AND take fifty cent off the air. Make sure to get rid of his music videos as well. Now... where does the profit part come in?